Hi Mike, As a general rule, I wouldn't recommend checking permissions in an activity through APIs calls. In fact, the only way to do that securely is if the originating activity has started yours with startActivityForResult(). It is much better to apply the permission using android:permission in the manifest; if you want to have different permissions depending on the intent, you can use <activity-alias> (though you do need to be careful that you don't create security holes when doing this).
But if your activity must be started with startActivityForResult(), and that is enough to know how to verify the permission, that should be fine. At any rate, I am not aware of any problems with checkPermission(), it is pretty fundamental to the system and quite simple. It just looks up a map to find the package, and looks in a set in there to see if that package has the permission. The only time the permission set can change is when the app is re-installed/updated (and the user goes through the UI to confirm the new permissions). As far as forward-declaring permissions, yes if an app has a <uses-permission> then at the time it is installed there must be some other app already installed that has a <permission> defining it. Otherwise we don't know what that permission is to be able to present it to the user. Now there is probably an issue if you uninstall an app with <permission> definitions, which other apps are using, and then re-install it. I'm actually not sure what will happen in that case. :) Technically we should probably remove those permissions from the ones the apps are using... but then when you re-install it, you can't just give all apps who have requested them whatever permissions they want. There may be some work to do in the framework here to remember the package a permission came from, keep the using information around after it is installed, and if it is re-installed then automatically re-assign those permissions if they are for the same package. Off-hand, that seems safe. But it is not something we are currently doing. On Fri, Dec 12, 2008 at 11:19 AM, LondonMike <mike.c.jenni...@gmail.com>wrote: > > Hi, > > I'm seeing some weirdness with getPackageManager().checkPermission > (permission, callerPackage); > > sometimes it returns PackageManager.PERMISSION_GRANTED and sometimes > it doesn't (without reinstalling apps, just starting and stopping > apps) > > I have 2 applications, call them app A and app B. > app A fires a specific intent with a string extra of "foo" which > activates an activity in app B. app B's onCreate method then checks > that the > calling activity has the "blah.blah.blah.foo" permission and allows or > denies it at runtime. > > If app A fires the same intent, but now with a string extra of "bar", > then app B will then check that the calling activity has the > "blah.blah.blah.bar" permission. > > I've managed to get this particular approach to work, but sometimes > checkPermission() works for a while and then stops working. > Any idea what it could be? > > Do permissions have to be forward-declared? In other words, do I need > to have a <permission name="blah.blah.blah.bar"> in the > AndroidManifest of > app A or app B? Or does having a <uses-permission > name="blah.blah.blah.bar"> suffice to bring that particular permission > into the world? > > Thanks in advance for any advice you can give me on this! > > -Mike > > > -- Dianne Hackborn Android framework engineer hack...@android.com Note: please don't send private questions to me, as I don't have time to provide private support. All such questions should be posted on public forums, where I and others can see and answer them. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
